diff options
Diffstat (limited to 'auth-passwd.c')
-rw-r--r-- | auth-passwd.c | 47 |
1 files changed, 18 insertions, 29 deletions
diff --git a/auth-passwd.c b/auth-passwd.c index fc0809e16..058dde82b 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -9,9 +9,9 @@ | |||
9 | 9 | ||
10 | #include "includes.h" | 10 | #include "includes.h" |
11 | 11 | ||
12 | #ifndef HAVE_PAM | 12 | #ifndef HAVE_LIBPAM |
13 | 13 | ||
14 | RCSID("$Id: auth-passwd.c,v 1.10 1999/12/21 10:03:09 damien Exp $"); | 14 | RCSID("$Id: auth-passwd.c,v 1.11 1999/12/24 23:11:29 damien Exp $"); |
15 | 15 | ||
16 | #include "packet.h" | 16 | #include "packet.h" |
17 | #include "ssh.h" | 17 | #include "ssh.h" |
@@ -35,6 +35,8 @@ auth_password(struct passwd * pw, const char *password) | |||
35 | { | 35 | { |
36 | extern ServerOptions options; | 36 | extern ServerOptions options; |
37 | char *encrypted_password; | 37 | char *encrypted_password; |
38 | char *pw_password; | ||
39 | char *salt; | ||
38 | #ifdef HAVE_SHADOW_H | 40 | #ifdef HAVE_SHADOW_H |
39 | struct spwd *spw; | 41 | struct spwd *spw; |
40 | #endif | 42 | #endif |
@@ -68,48 +70,35 @@ auth_password(struct passwd * pw, const char *password) | |||
68 | if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) | 70 | if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) |
69 | return 1; | 71 | return 1; |
70 | 72 | ||
73 | pw_password = pw->pw_passwd; | ||
74 | |||
71 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | 75 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
72 | spw = getspnam(pw->pw_name); | 76 | spw = getspnam(pw->pw_name); |
73 | if (spw == NULL) | 77 | if (spw == NULL) |
74 | return(0); | 78 | return(0); |
75 | 79 | ||
76 | if ((spw->sp_namp == NULL) || (strcmp(pw->pw_name, spw->sp_namp) != 0)) | ||
77 | fatal("Shadow lookup returned garbage."); | ||
78 | |||
79 | /* Check for users with no password. */ | 80 | /* Check for users with no password. */ |
80 | if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) | 81 | if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) |
81 | return 1; | 82 | return 1; |
82 | 83 | ||
83 | if (strlen(spw->sp_pwdp) < 3) | 84 | pw_password = spw->sp_pwdp; |
84 | return(0); | 85 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
85 | 86 | ||
86 | /* Encrypt the candidate password using the proper salt. */ | 87 | if (pw_password[0] != '\0') |
87 | #ifdef HAVE_MD5_PASSWORDS | 88 | salt = pw_password; |
88 | if (is_md5_salt(spw->sp_pwdp)) | ||
89 | encrypted_password = md5_crypt(password, spw->sp_pwdp); | ||
90 | else | 89 | else |
91 | encrypted_password = crypt(password, spw->sp_pwdp); | 90 | salt = "xx"; |
92 | #else /* HAVE_MD5_PASSWORDS */ | ||
93 | encrypted_password = crypt(password, spw->sp_pwdp); | ||
94 | #endif /* HAVE_MD5_PASSWORDS */ | ||
95 | /* Authentication is accepted if the encrypted passwords are identical. */ | ||
96 | return (strcmp(encrypted_password, spw->sp_pwdp) == 0); | ||
97 | #else /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | ||
98 | |||
99 | if (strlen(pw->pw_passwd) < 3) | ||
100 | return(0); | ||
101 | 91 | ||
102 | #ifdef HAVE_MD5_PASSWORDS | 92 | #ifdef HAVE_MD5_PASSWORDS |
103 | if (is_md5_salt(pw->pw_passwd)) | 93 | if (is_md5_salt(salt)) |
104 | encrypted_password = md5_crypt(password, pw->pw_passwd); | 94 | encrypted_password = md5_crypt(password, salt); |
105 | else | 95 | else |
106 | encrypted_password = crypt(password, pw->pw_passwd); | 96 | encrypted_password = crypt(password, salt); |
107 | #else /* HAVE_MD5_PASSWORDS */ | 97 | #else /* HAVE_MD5_PASSWORDS */ |
108 | encrypted_password = crypt(password, pw->pw_passwd); | 98 | encrypted_password = crypt(password, salt); |
109 | #endif /* HAVE_MD5_PASSWORDS */ | 99 | #endif /* HAVE_MD5_PASSWORDS */ |
110 | 100 | ||
111 | /* Authentication is accepted if the encrypted passwords are identical. */ | 101 | /* Authentication is accepted if the encrypted passwords are identical. */ |
112 | return (strcmp(encrypted_password, pw->pw_passwd) == 0); | 102 | return (strcmp(encrypted_password, pw_password) == 0); |
113 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | ||
114 | } | 103 | } |
115 | #endif /* !HAVE_PAM */ | 104 | #endif /* !HAVE_LIBPAM */ |